vbatts/cri-o
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

sandbox: Use first class sysctls instead of annotations

Browse source 
Signed-off-by: Mrunal Patel <mpatel@redhat.com>
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
This commit is contained in:
Mrunal Patel 2017-10-19 15:23:41 -07:00 committed by Antonio Murdaca
parent c25530ac0b
commit 815bb7652b
No known key found for this signature in database
GPG key ID: B2BEAD150DE936B9
8 changed files with 57 additions and 19 deletions
Download patch file Download diff file Expand all files Collapse all files

2
test/testdata/sandbox_config_hostport.json vendored
View file

@ -38,8 +38,6 @@
},
"annotations": {
"owner": "hmeng",
"security.alpha.kubernetes.io/sysctls": "kernel.shm_rmid_forced=1,net.ipv4.ip_local_port_range=1024 65000",
"security.alpha.kubernetes.io/unsafe-sysctls": "kernel.msgmax=8192" ,
"security.alpha.kubernetes.io/seccomp/pod": "unconfined"
},
"linux": {